We’ve rounded up five security tools you can download and start using now.
You can’t secure what you can’t see. Creating an inventory of authorized and unauthorized devices is an important best practice for security professionals. In fact, it’s the number one recommendation on the list of SANS/CIS Critical Security Controls.
Nmap is a free network scanning tool that helps you discover devices and computers on your network. In addition to host discovery, Nmap can perform as a port scanner and as also checks for popular services from its database of over 2200 popular services. This versatile security tool helps identify what’s on the network and whether it’s using vulnerable ports, protocols or services that should be hardened.
Suricata is an open source IDS/IPS designed to be highly scalable, with the ability to inspect multi-gigabit traffic. Suricata checks for matches on known threats, policy violations and malicious behavior. This security tool also uses automatic protocol detection to scan for malware and command-and-control channels.
Suricata touts its multithreaded architecture as advantage over other IDS solutions.
TrueCrypt was a free encryption tool that could be used to encrypt files, partitions or an entire storage device. As of 2014, the TrueCrypt product is no longer being maintained, but the open source code has spawned two new security tools, CipherShed and VeraCrypt. Both are based on the original TrueCrypt and have been updated based on security audits of the code.
The other popular open source IDS/IPS is Snort, developed by SourceFire (now part of Cisco). Snort is a widely used security tool for real-time traffic inspection, and is a member of the InfoWorld Open Source Hall of Fame.
Snort has a robust user community that develops third-party plug-ins and contributes to the Snort ruleset.
Wireshark is an indispensable tool for network administrators and security professionals alike. This free packet analyzer is extremely useful for network troubleshooting and analysis. It allows you to examine data in real-time on the network or from a file capture. Wireshark is the tool-of-choice for EiQ’s Support and Solution Engineering teams when diagnosing security devices and event logging.
At EiQ, we love great security tools but we also understand the importance of having the right people to manage them, and the right process in place. You can learn more about our approach to security monitoring here.